Instead of updating the post in question (again), I figured I’ll post all the new info here and call this a wrap. So, we all know about the security scammer now, and the different ways he is working to defraud innocent users and steal their data and money. It has been quite an experience tracking [...]
Posts Tagged ‘research’
How [not to] scam security people
An analysis of a rogue security tool that tries to steal passwords and scam people out of their paypal money and accounts.
Identity crisis
Here’s a common question I get asked a lot: “What technology should I use to secure my server/network/[some technology]?” The question is usually presented by someone who’s in charge of “Security” in an organization. Now, I wouldn’t have had a problem with this if this was a technician, or a pen-tester of sorts, but I [...]
Being in the middle (or: things we didn’t manage to learn in a decade)
Things that we should be fixing in security.
Cyber[Crime|War] – connecting the dots – BlackHat EU 2010
Hola from Barcelona! It’s been a very productive couple of days here. Quite a lineup for this version of the BlackHat briefings out here. I had the great fortune of speaking right after a fantastic opening by Jeff Moss (BlackHat founder and director) and Max Kelly (Facebook’s CSO) that just set me up perfectly – [...]
Cyber[FUD]Fare – repost from fudsec.com
As promised – here is the “official” cross-post from my guest appearance on fudsec.com. Enjoy! I’ve been intravenously fed with FUD for as long as I’ve been in the business. The main strategy for understanding that you are facing FUD is to realize that there is a financial motivation behind the FUD-spreading entity. This has [...]
New post on fudsec.com – CyberFUDfare
Just a quick FYI – a new post by yours truly has been published over at fudsec.com. One of my favorite blogs with some really cool contents (still wondering how I ended up publishing there ) Have fun reading: http://fudsec.com/cyberfudfare
It’s all about the money
Coverage of the latest developments in the ZeuS botnet software licensing, and fighting the botnet internet connectivity.
ExoticLiability podcast interview
OK, so a quick shameless plug for me and a couple of good friends at EL: I had the pleasure of throwing it all out with the ExoticLiability crew over the weekend, which ended up in a pretty cool podcast. Check it out at www.exoticliability.com (episode 51). May not be completely safe for listening to at [...]
The China/Google thing, accountants and other miscreants
Aha! Can’t believe I managed to avoid the unbelievable hype flood that swept across the interwebs in the last month. And to think that the last post (long overdue, I know… had REALLY good reasons for not being able to post anything) was somewhat oracleish in predicting that this would be the focus of this [...]